Ephemeral Firefox in Ubuntu (1/3)

This post will describe how to create an Ephemeral Firefox session. The ultimate goal of an Ephemeral Firefox session is to unlink your browsing sessions day-to-day and reduce tracking via fingerprinting.

This technique can also be used to compartmentalize your internet activity by using the Ephemeral Firefox session as a Site Specific Browser. This can be especially useful for websites that are infamous for tracking users across the internet and selling the data they collect. For example, you can blacklist all facebook domains in your main browser and only use Ephemeral Firefox sessions that have been whitelisted exclusively for facebook domains--effectively compartmentalizing your facebook activity from the rest of your internet activity.

Another great use-case for an Ephemeral Firefox is for public access computers such as those at libraries, hotels, and printing shops.

Install Prereqs

We utilize a few tools such as firejail to create an Ephemeral Firefox session that must be installed.

user@host:~$ sudo apt-get install firejail secure-delete

Note that firejail can break many apps by replacing several app's binaries with symlinks to prefix their binary with `firejail`. If you don't want to use it for anything other than Ephemeral Firefox, then it may be a good idea to change this behaviour with the following commmnd:

user@host:~$ sudo firecfg --clean

Ephemeral Firefox Script

Copy the following script into '$HOME/bin/ephemeralFirefox.sh', make it executable, and make sure '$HOME/bin' is in your $PATH

As you can see, the above script simply creates a temporary sandbox directory in the user's home directory. The location of this directory is important -- we don't use '/tmp/' as our temp dir because '/tmp/' is often 777 = anyone can read/write/execute inside of '/tmp/'. Instead, we create the tmp directory in the user's '$HOME/tmp' directory. Another benefit of this is that most Ubuntu installs since 2009's Ubuntu 9.04 (Jaunty Jackalope) will at least have the user's home directory encrypted with encryptfs -- if not using Full Disk Encryption, available since 2012 in Ubuntu 12.10 (Quantal Quetzal).

This temporary directory is then used to store the profile data for the Ephemeral Firefox session. Note that this temp directory's data is entirely distinct from any existing Firefox's profiles dirs.

After the Ephemeral Firefox window is closed, the script shreds this temporary directory's data with pseudorandom bits.

We also use firejail to lock the Ephemeral Firefox session in a security sandbox at the kernel-level. This, for example, prevents our Ephemeral Firefox from being able to access most of the user's disk -- including '$HOME/.mozilla/firefox' -- which may store information about the user's activity with their everyday Firefox browser. By default, the only directories that the Ephemeral Firefox will be able to access on your machine other than the temp profile dir are the Desktop and Downloads directories.

ⓘ Note: If you have issues with firejail, you may have an issue with your firejail firefox profile. For example, I had an issue on Ubuntu 18.04 where firefox would start, but it would not have internet access. To debug the firefox profile, I iteratively commented-out the lines in the /etc/firejail/firefox.profile until the issue went away when I commented out the 'seccomp' line.

Desktop shortcut

Now we create an xdg desktop entry and create a symlink to it for a shortcut on the desktop.

Limitations

Note that this Ephemeral Firefox solution does not (attempt to) achieve anonymity. While an Ephemeral Firefox session may help you avoid websites tracking your internet history via fingerprinting, there are other techniques that can be employed to track your activity other than fingerprinting. One obvious example is your geolocation, ISP, or IP Address. To further avoid tracking via these metrics, consider getting a VPN provider. After getting a VPN, consider setting-up a Whole House VPN.

If you are an investigative journalist, activist, or political dissident looking to safely browse the internet without being tracked by an oppressive regime, this solution is not for you. If you're concerned that an adversary having access to your Internet activity could cause pain, suffering, or loss-of-life, then you should not trust this system to protect you. Instead, you should use TAILS.

If you like the idea of compartmentalization of your firefox activity into an Ephemeral Firefox, you may want to checkout QubesOS. Qubes is an entire OS designed with the principle of security through compartmentalization. Instead of merely creating a disposable Ephemeral Firefox, you can quickly & easily create a Disposable Virtual Machine.

@Max I like the idea of using tmpfs! But firefox is quite a memory hog, and I could quickly see someone exhausting all their RAM on a machine with just a few Gigs of RAM -- at least doing so with the type of browsing I do: dozens of tabs open on each firefox window and several distinct ephemeral firefox sessions open for compartmentalization of distinct browsing activities (ie: banking, work, personal email, research, etc)

I also did some experimentation with first creating an encrypted LUKS file volume with a huge random & ephemeral key, mounting that, and then using it as the TMP_PATH (`dd … of=file`, `cryptsetup luksFormat file`, `…luksOpen…`, `mkfs…file`, `mount…`) -- which you may be interested in.